HHS has released its final plan to address patient safety issues arising from the use of health information technology. But putting in place a framework to monitor and then act on those issues remains a work in progress.

One significant change, however, compared to a draft plan released in December, was the addition of a role for the Joint Commission to assist HHS’ Office of the National Coordinator for Health Information Technology in “detecting and proactively addressing potential health IT-related safety issues,” according to a five-page fact sheet about the plan.

The Joint Commission will investigate and analyze health-IT related adverse events, develop follow-up and corrective action plans and create a database of sentinel events for research and develop a scheme to classify them. The one-year contract is for $524,017 through June 2014, with a one-year option for $248,245. The contract requires the Joint Commission to prepare a final report and a research paper on IT-linked sentinel events after the first year.

The plan also calls for tools to be built into electronic health records systems and other HIT to facilitate the reporting of possible HIT-linked safety incidents, both internally and to patient safety organizations, which, under the plan, are a first aggregation point for such reports outside of an organization.

ONC will “propose standards and certification criteria that make it easier for providers to quickly generate incident reports from data stored in” EHRs, the fact sheet said. One of those standards, developed by the Agency for Healthcare Research and Quality, are “common formats” for incident reporting, which need to be updated “so that clinicians can more easily record and report” HIT-related incidents.

Reider said the ONC is also looking for ways to aggregate the data from the patient safety organizations into a national database.

ONC also issued a separate, six-page guidance (PDF) for private sector ONC contractors, called “authorized certification bodies,” that certify the eligibility of medical records systems for use in the federal EHR incentive payment program. These organizations will be expected to receive and analyze patient safety complaints from users of systems they certify, and conduct post-market testing to verify whether the systems remain functional “when deployed in a live clinical setting.”

But even this plan and its related documents don’t include all of ONC’s approaches to patient safety and healthcare IT.

Responding to requirements of the Food and Drug Administration Safety Innovation Act, ONC earlier this year, working in coordination with the FDA and the Federal Communications Commission, created a special FDASIA workgroup on patient safety issues related to health IT. Its goal is to advise ONC and, through it, HHS on how to fulfill a Congressional mandate to develop “an appropriate, risk-based regulatory framework pertaining to health information technology.”

That framework is to include mobile medical applications and should promote innovation, protect patient safety and avoid regulatory duplication, according to the workgroup’s website.

Building the complete HIT patient safety program will continue over time, but it’s unclear just what impact the work of the FDASIA workgroup might have on possible revisions of today’s new plan, even if the regulatory scheme changes, Reider said.

“It’s a massive task, we’re starting to take on here and FDASIA, will be one of the many inputs into the final structure,” he said.